blob: fec9320bb8478bad9c4906002739a8e2e55ec3ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
module tdm 1.0;
require {
type etc_t;
type fprintd_t;
type init_t;
type tmp_t;
type unconfined_service_t;
type unconfined_t;
type var_lib_t;
type var_run_t;
type xdm_t;
class capability2 mac_admin;
class dbus send_msg;
class fifo_file { getattr open read setattr unlink };
class file { create entrypoint getattr lock map open read rename unlink write };
class lnk_file unlink;
class process transition;
}
allow fprintd_t init_t:dbus send_msg;
allow unconfined_service_t unconfined_t:process transition;
allow unconfined_t self:capability2 mac_admin;
allow xdm_t etc_t:file { create entrypoint rename unlink write };
allow xdm_t tmp_t:fifo_file { getattr open read setattr unlink };
allow xdm_t tmp_t:file { map open unlink };
allow xdm_t tmp_t:lnk_file unlink;
allow xdm_t var_lib_t:file { unlink };
allow xdm_t var_run_t:file { getattr lock open read write };
|
